Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp455522imi; Fri, 22 Jul 2022 02:46:02 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tmN2fthKdq7W2KujbNjx6ywiLWdGamWzGN4CU5OImoL3luff2QESmcI7Oc5y4Dk99SECw1 X-Received: by 2002:a63:551a:0:b0:412:24ed:33f1 with SMTP id j26-20020a63551a000000b0041224ed33f1mr2449129pgb.147.1658483162617; Fri, 22 Jul 2022 02:46:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658483162; cv=none; d=google.com; s=arc-20160816; b=QI+M7qnnvYsGvi3BLK1nlMl6PcSvj3UzV3CoF4a6ykI0S6+SjesITDJlgTW5wLaKuO zah1aRmTPX+K4EDJyU0zWBm3VPHhYKc9fPLsvuVcIC827rs39L6xquW/y4zDBRSNKxag NonJPWs6QH6lukVouewYS1wg0NvVZdluwjmTGvRAaznjI9Kn4TXRxn6MW1PMiKO3QqYB L2zSszy/fQApXxmrfyt1PrNuwPqqTxDyo7/U/+C6uN1tcFFZyCE8BQo0UrjLhT0yGClh l0nsI4PdQ1pxuzXRokQ+e60aRyejnk0CROyrFAvL5AkToCL+/ZWUuFnTJyaSNzFOYVw3 H9wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=vS2GJEKulj7t1N2oYMYKiY8GsfboIiSMFPbI6J3CawY=; b=lzdZmb1MnxZCSzLUq34xU6l3VO5YJXJC6nrtvgJYW62Qmk/jSYof1ArsP+EN0pq5bj HUrR27F9V/uIibdtuFocpVd0ar8ZjS+c3MLg3vEZkVn6r5TuIe8NmTJn4/94AnAcLjFx rUT6/cEwR39mXTNIC3FUmms6FFQlhNQ3+N5UcTtSC3e9TatylBJCAQaWxAFhCFQa9TBc 4JDvL+QhyTBbLYrO/8MSgVUNKvpgZm7DbTwXuGHvE1FvoPucRNiyWKTLazmRCW+joL9Q 1jcTa0d8NF+bRGwYQJ3pFqzrXZCFp6CzTtK5vJ9orUSwez3wWj/zcmRHggLCBKwbjuWU n9WA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CbeqxwbI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y13-20020a63494d000000b00419d02e5666si5698203pgk.340.2022.07.22.02.45.46; Fri, 22 Jul 2022 02:46:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CbeqxwbI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235622AbiGVJPy (ORCPT + 99 others); Fri, 22 Jul 2022 05:15:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52646 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235569AbiGVJPC (ORCPT ); Fri, 22 Jul 2022 05:15:02 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D19558B4A1; Fri, 22 Jul 2022 02:11:25 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 57FDD61F72; Fri, 22 Jul 2022 09:11:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 21D8CC341CF; Fri, 22 Jul 2022 09:11:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1658481084; bh=zvjDX8b18xJxifx02nx4to4MscGcD0clud+Y979qlDs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CbeqxwbIxR682TOYaY+Dew33go+Mw0gWRO6RaBwHbrdTdTYQEy4YOwb77KPkZU9NT X+Zu0oVCdrupC/FZUIr3XrhOt+oO7EFzqwSWZMWXG/K//w2nibunmqwvbHjLvxeXMm vqez1Cc5SPeI7Iiht+hJ6Jfa7JuIvV39OCvfQHzQ= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Thadeu Lima de Souza Cascardo , Borislav Petkov Subject: [PATCH 5.18 58/70] x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported Date: Fri, 22 Jul 2022 11:07:53 +0200 Message-Id: <20220722090654.046557590@linuxfoundation.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20220722090650.665513668@linuxfoundation.org> References: <20220722090650.665513668@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Thadeu Lima de Souza Cascardo commit 2259da159fbe5dba8ac00b560cf00b6a6537fa18 upstream. There are some VM configurations which have Skylake model but do not support IBPB. In those cases, when using retbleed=ibpb, userspace is going to be killed and kernel is going to panic. If the CPU does not support IBPB, warn and proceed with the auto option. Also, do not fallback to IBPB on AMD/Hygon systems if it is not supported. Fixes: 3ebc17006888 ("x86/bugs: Add retbleed=ibpb") Signed-off-by: Thadeu Lima de Souza Cascardo Signed-off-by: Borislav Petkov Signed-off-by: Thadeu Lima de Souza Cascardo Signed-off-by: Greg Kroah-Hartman --- arch/x86/kernel/cpu/bugs.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -858,7 +858,10 @@ static void __init retbleed_select_mitig break; case RETBLEED_CMD_IBPB: - if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { + if (!boot_cpu_has(X86_FEATURE_IBPB)) { + pr_err("WARNING: CPU does not support IBPB.\n"); + goto do_cmd_auto; + } else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) { retbleed_mitigation = RETBLEED_MITIGATION_IBPB; } else { pr_err("WARNING: kernel not compiled with CPU_IBPB_ENTRY.\n"); @@ -873,7 +876,7 @@ do_cmd_auto: boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) { if (IS_ENABLED(CONFIG_CPU_UNRET_ENTRY)) retbleed_mitigation = RETBLEED_MITIGATION_UNRET; - else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY)) + else if (IS_ENABLED(CONFIG_CPU_IBPB_ENTRY) && boot_cpu_has(X86_FEATURE_IBPB)) retbleed_mitigation = RETBLEED_MITIGATION_IBPB; }